Security update for SUSE Manager 4.0.5

Announcement ID: SUSE-SU-2020:0671-1
Rating: moderate
References:
Cross-References:
CVSS scores:
  • CVE-2018-1077 ( SUSE ): 5.0 CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N
  • CVE-2018-1077 ( NVD ): 7.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
  • CVE-2019-16769 ( NVD ): 5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
  • CVE-2020-1693 ( SUSE ): 8.6 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L
  • CVE-2020-1693 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Affected Products:
  • SUSE Manager Proxy 4.0
  • SUSE Manager Proxy 4.0 Module 4.0
  • SUSE Manager Retail Branch Server 4.0
  • SUSE Manager Server 4.0
  • SUSE Manager Server 4.0 Module 4.0

An update that solves three vulnerabilities and has 51 security fixes can now be installed.

Description:

This consolidated update includes multiple patchinfos for SUSE Manager Server and Proxy. This patchinfo is used for the codestream release only.

Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

  • SUSE Manager Proxy 4.0 Module 4.0
    zypper in -t patch SUSE-SLE-Module-SUSE-Manager-Proxy-4.0-2020-671=1
  • SUSE Manager Server 4.0 Module 4.0
    zypper in -t patch SUSE-SLE-Module-SUSE-Manager-Server-4.0-2020-671=1

Package List:

  • SUSE Manager Proxy 4.0 Module 4.0 (noarch)
    • python3-spacewalk-certs-tools-4.0.15-3.15.2
    • python3-mgr-osa-common-4.0.11-3.9.2
    • spacewalk-client-setup-4.0.12-3.13.2
    • python3-spacewalk-client-setup-4.0.12-3.13.2
    • python3-spacewalk-backend-libs-4.0.30-3.23.3
    • spacewalk-check-4.0.12-3.13.2
    • python3-spacewalk-check-4.0.12-3.13.2
    • python3-mgr-osad-4.0.11-3.9.2
    • spacewalk-base-minimal-4.0.19-3.18.3
    • spacewalk-base-minimal-config-4.0.19-3.18.3
    • supportutils-plugin-susemanager-client-4.0.3-3.3.2
    • spacewalk-backend-4.0.30-3.23.3
    • python3-spacewalk-client-tools-4.0.12-3.13.2
    • spacecmd-4.0.18-3.13.2
    • spacewalk-client-tools-4.0.12-3.13.2
    • mgr-osad-4.0.11-3.9.2
    • supportutils-plugin-susemanager-proxy-4.0.3-3.3.2
    • spacewalk-certs-tools-4.0.15-3.15.2
  • SUSE Manager Proxy 4.0 Module 4.0 (ppc64le s390x x86_64)
    • patterns-suma_proxy-4.0-9.10.2
  • SUSE Manager Server 4.0 Module 4.0 (noarch)
    • pxe-formula-0.1.1580384994.6076a7e-3.11.2
    • spacewalk-backend-tools-4.0.30-3.23.3
    • susemanager-schema-4.0.18-3.17.2
    • branch-network-formula-0.1.1580471316.1839544-3.10.2
    • mgr-osa-dispatcher-4.0.11-3.9.2
    • susemanager-sync-data-4.0.16-3.15.2
    • spacewalk-backend-iss-export-4.0.30-3.23.3
    • spacewalk-admin-4.0.9-3.6.2
    • salt-netapi-client-0.17.0-4.3.2
    • spacewalk-backend-applet-4.0.30-3.23.3
    • redstone-xmlrpc-1.1_20071120-0.11.3.2
    • python3-susemanager-retail-1.0.1580471316.1839544-3.13.2
    • python3-spacewalk-backend-libs-4.0.30-3.23.3
    • spacewalk-backend-config-files-4.0.30-3.23.3
    • susemanager-docs_en-pdf-4.0-10.18.2
    • spacewalk-backend-config-files-tool-4.0.30-3.23.3
    • spacewalk-java-4.0.31-3.23.1
    • spacewalk-backend-sql-postgresql-4.0.30-3.23.3
    • spacewalk-backend-4.0.30-3.23.3
    • python3-spacewalk-client-tools-4.0.12-3.13.2
    • spacewalk-html-4.0.19-3.18.3
    • spacewalk-backend-iss-4.0.30-3.23.3
    • system-lock-formula-0.2-4.5.1
    • spacewalk-utils-4.0.16-3.15.2
    • py26-compat-salt-2016.11.10-10.11.2
    • python3-mgr-osa-dispatcher-4.0.11-3.9.2
    • spacewalk-backend-server-4.0.30-3.23.3
    • spacewalk-java-lib-4.0.31-3.23.1
    • spacewalk-backend-xml-export-libs-4.0.30-3.23.3
    • subscription-matcher-0.25-3.3.2
    • spacewalk-backend-sql-4.0.30-3.23.3
    • spacewalk-search-4.0.9-3.11.2
    • virtualization-host-formula-0.2-4.3.2
    • spacewalk-backend-package-push-server-4.0.30-3.23.3
    • spacewalk-setup-4.0.13-3.11.1
    • spacewalk-client-tools-4.0.12-3.13.2
    • susemanager-doc-indexes-4.0-10.18.2
    • spacewalk-certs-tools-4.0.15-3.15.2
    • susemanager-sls-4.0.24-3.17.2
    • susemanager-web-libs-4.0.19-3.18.3
    • python3-spacewalk-certs-tools-4.0.15-3.15.2
    • pxe-default-image-sle15-4.0.1-20200305173027
    • python3-mgr-osa-common-4.0.11-3.9.2
    • spacewalk-base-4.0.19-3.18.3
    • spacewalk-taskomatic-4.0.31-3.23.1
    • spacewalk-backend-config-files-common-4.0.30-3.23.3
    • spacewalk-backend-xmlrpc-4.0.30-3.23.3
    • spacewalk-java-config-4.0.31-3.23.1
    • susemanager-retail-tools-1.0.1580471316.1839544-3.13.2
    • spacewalk-java-postgresql-4.0.31-3.23.1
    • spacewalk-backend-app-4.0.30-3.23.3
    • spacewalk-base-minimal-4.0.19-3.18.3
    • spacewalk-base-minimal-config-4.0.19-3.18.3
    • image-sync-formula-0.1.1579102150.4716559-3.11.2
    • prometheus-formula-0.1-4.7.2
    • spacecmd-4.0.18-3.13.2
    • susemanager-docs_en-4.0-10.18.2
  • SUSE Manager Server 4.0 Module 4.0 (ppc64le s390x x86_64)
    • susemanager-tools-4.0.22-3.20.3
    • susemanager-4.0.22-3.20.3
    • patterns-suma_retail-4.0-9.10.2
    • patterns-suma_server-4.0-9.10.2

References: